summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
Diffstat (limited to 'actions')
-rw-r--r--actions/apidirectmessagenew.php8
-rw-r--r--actions/apistatusesretweet.php2
-rw-r--r--actions/apistatusesupdate.php12
-rw-r--r--actions/apitimelinefavorites.php10
-rw-r--r--actions/block.php46
-rw-r--r--actions/deleteuser.php4
-rw-r--r--actions/favoritesrss.php2
-rw-r--r--actions/groupblock.php4
-rw-r--r--actions/login.php22
-rw-r--r--actions/register.php55
-rw-r--r--actions/showfavorites.php8
-rw-r--r--actions/twitapisearchatom.php20
12 files changed, 149 insertions, 44 deletions
diff --git a/actions/apidirectmessagenew.php b/actions/apidirectmessagenew.php
index b9ac92d77..65d065648 100644
--- a/actions/apidirectmessagenew.php
+++ b/actions/apidirectmessagenew.php
@@ -52,7 +52,6 @@ require_once INSTALLDIR . '/lib/apiauth.php';
class ApiDirectMessageNewAction extends ApiAuthAction
{
- var $source = null;
var $other = null;
var $content = null;
@@ -76,13 +75,6 @@ class ApiDirectMessageNewAction extends ApiAuthAction
return;
}
- $this->source = $this->trimmed('source'); // Not supported by Twitter.
-
- $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api');
- if (empty($this->source) || in_array($this->source, $reserved_sources)) {
- $source = 'api';
- }
-
$this->content = $this->trimmed('text');
$this->user = $this->auth_user;
diff --git a/actions/apistatusesretweet.php b/actions/apistatusesretweet.php
index 128c881e2..9aa337485 100644
--- a/actions/apistatusesretweet.php
+++ b/actions/apistatusesretweet.php
@@ -79,7 +79,7 @@ class ApiStatusesRetweetAction extends ApiAuthAction
$this->user = $this->auth_user;
- if ($this->user->id == $notice->profile_id) {
+ if ($this->user->id == $this->original->profile_id) {
$this->clientError(_('Cannot repeat your own notice.'),
400, $this->format);
return false;
diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index d4ef6b550..e3e579b0d 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -64,8 +64,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction
var $lat = null;
var $lon = null;
- static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api');
-
/**
* Take arguments for running
*
@@ -80,19 +78,9 @@ class ApiStatusesUpdateAction extends ApiAuthAction
parent::prepare($args);
$this->status = $this->trimmed('status');
- $this->source = $this->trimmed('source');
$this->lat = $this->trimmed('lat');
$this->lon = $this->trimmed('long');
- // try to set the source attr from OAuth app
- if (empty($this->source)) {
- $this->source = $this->oauth_source;
- }
-
- if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
- $this->source = 'api';
- }
-
$this->in_reply_to_status_id
= intval($this->trimmed('in_reply_to_status_id'));
diff --git a/actions/apitimelinefavorites.php b/actions/apitimelinefavorites.php
index 8cb2e808d..79632447e 100644
--- a/actions/apitimelinefavorites.php
+++ b/actions/apitimelinefavorites.php
@@ -185,17 +185,23 @@ class ApiTimelineFavoritesAction extends ApiBareAuthAction
{
$notices = array();
+ common_debug("since id = " . $this->since_id . " max id = " . $this->max_id);
+
if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) {
$notice = $this->user->favoriteNotices(
+ true,
($this->page-1) * $this->count,
$this->count,
- true
+ $this->since_id,
+ $this->max_id
);
} else {
$notice = $this->user->favoriteNotices(
+ false,
($this->page-1) * $this->count,
$this->count,
- false
+ $this->since_id,
+ $this->max_id
);
}
diff --git a/actions/block.php b/actions/block.php
index 7f609c253..239a50868 100644
--- a/actions/block.php
+++ b/actions/block.php
@@ -87,13 +87,15 @@ class BlockAction extends ProfileFormAction
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
+ } else {
+ $this->showPage();
}
}
@@ -118,6 +120,12 @@ class BlockAction extends ProfileFormAction
*/
function areYouSureForm()
{
+ // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
+ $profile = new ArrayWrapper(array($this->profile));
+ $preview = new ProfileList($profile, $this);
+ $preview->show();
+
+
$id = $this->profile->id;
$this->elementStart('form', array('id' => 'block-' . $id,
'method' => 'post',
@@ -175,4 +183,38 @@ class BlockAction extends ProfileFormAction
$this->autofocus('form_action-yes');
}
+ /**
+ * Override for form session token checks; on our first hit we're just
+ * requesting confirmation, which doesn't need a token. We need to be
+ * able to take regular GET requests from email!
+ *
+ * @throws ClientException if token is bad on POST request or if we have
+ * confirmation parameters which could trigger something.
+ */
+ function checkSessionToken()
+ {
+ if ($_SERVER['REQUEST_METHOD'] == 'POST' ||
+ $this->arg('yes') ||
+ $this->arg('no')) {
+
+ return parent::checkSessionToken();
+ }
+ }
+
+ /**
+ * If we reached this form without returnto arguments, return to the
+ * current user's subscription list.
+ *
+ * @return string URL
+ */
+ function defaultReturnTo()
+ {
+ $user = common_current_user();
+ if ($user) {
+ return common_local_url('subscribers',
+ array('nickname' => $user->nickname));
+ } else {
+ return common_local_url('public');
+ }
+ }
}
diff --git a/actions/deleteuser.php b/actions/deleteuser.php
index 42ef4b9f5..c0a8b20e2 100644
--- a/actions/deleteuser.php
+++ b/actions/deleteuser.php
@@ -92,10 +92,10 @@ class DeleteuserAction extends ProfileFormAction
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
} else {
$this->showPage();
}
diff --git a/actions/favoritesrss.php b/actions/favoritesrss.php
index 62f06e841..51c92af93 100644
--- a/actions/favoritesrss.php
+++ b/actions/favoritesrss.php
@@ -89,7 +89,7 @@ class FavoritesrssAction extends Rss10Action
function getNotices($limit=0)
{
$user = $this->user;
- $notice = $user->favoriteNotices(0, $limit);
+ $notice = $user->favoriteNotices(false, 0, $limit);
$notices = array();
while ($notice->fetch()) {
$notices[] = clone($notice);
diff --git a/actions/groupblock.php b/actions/groupblock.php
index fc95c0e66..2e06dc324 100644
--- a/actions/groupblock.php
+++ b/actions/groupblock.php
@@ -117,7 +117,7 @@ class GroupblockAction extends RedirectingAction
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
- $this->returnToArgs();
+ $this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->blockProfile();
} elseif ($this->arg('blockto')) {
@@ -195,7 +195,7 @@ class GroupblockAction extends RedirectingAction
return false;
}
- $this->returnToArgs();
+ $this->returnToPrevious();
}
/**
diff --git a/actions/login.php b/actions/login.php
index dc6352368..d3e4312f7 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -63,6 +63,28 @@ class LoginAction extends Action
}
/**
+ * Prepare page to run
+ *
+ *
+ * @param $args
+ * @return string title
+ */
+
+ function prepare($args)
+ {
+ parent::prepare($args);
+
+ // @todo this check should really be in index.php for all sensitive actions
+ $ssl = common_config('site', 'ssl');
+ if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) {
+ common_redirect(common_local_url('login'));
+ // exit
+ }
+
+ return true;
+ }
+
+ /**
* Handle input, produce output
*
* Switches on request method; either shows the form or handles its input.
diff --git a/actions/register.php b/actions/register.php
index da8d0a0bb..2fc7ef921 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -74,6 +74,13 @@ class RegisterAction extends Action
parent::prepare($args);
$this->code = $this->trimmed('code');
+ // @todo this check should really be in index.php for all sensitive actions
+ $ssl = common_config('site', 'ssl');
+ if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) {
+ common_redirect(common_local_url('register'));
+ // exit
+ }
+
if (empty($this->code)) {
common_ensure_session();
if (array_key_exists('invitecode', $_SESSION)) {
@@ -491,6 +498,45 @@ class RegisterAction extends Action
$this->elementStart('li');
$this->element('input', $attrs);
$this->elementStart('label', array('class' => 'checkbox', 'for' => 'license'));
+ $this->raw($this->licenseCheckbox());
+ $this->elementEnd('label');
+ $this->elementEnd('li');
+ }
+ $this->elementEnd('ul');
+ $this->submit('submit', _('Register'));
+ $this->elementEnd('fieldset');
+ $this->elementEnd('form');
+ }
+
+ function licenseCheckbox()
+ {
+ $out = '';
+ switch (common_config('license', 'type')) {
+ case 'private':
+ // TRANS: Copyright checkbox label in registration dialog, for private sites.
+ $out .= htmlspecialchars(sprintf(
+ _('I understand that content and data of %1$s are private and confidential.'),
+ common_config('site', 'name')));
+ // fall through
+ case 'allrightsreserved':
+ if ($out != '') {
+ $out .= ' ';
+ }
+ if (common_config('license', 'owner')) {
+ // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with a specified copyright owner.
+ $out .= htmlspecialchars(sprintf(
+ _('My text and files are copyright by %1$s.'),
+ common_config('license', 'owner')));
+ } else {
+ // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with ownership left to contributors.
+ $out .= htmlspecialchars(_('My text and files remain under my own copyright.'));
+ }
+ // TRANS: Copyright checkbox label in registration dialog, for all rights reserved.
+ $out .= ' ' . _('All rights reserved.');
+ break;
+ case 'cc': // fall through
+ default:
+ // TRANS: Copyright checkbox label in registration dialog, for Creative Commons-style licenses.
$message = _('My text and files are available under %s ' .
'except this private data: password, ' .
'email address, IM address, and phone number.');
@@ -499,14 +545,9 @@ class RegisterAction extends Action
'">' .
htmlspecialchars(common_config('license', 'title')) .
'</a>';
- $this->raw(sprintf(htmlspecialchars($message), $link));
- $this->elementEnd('label');
- $this->elementEnd('li');
+ $out .= sprintf(htmlspecialchars($message), $link);
}
- $this->elementEnd('ul');
- $this->submit('submit', _('Register'));
- $this->elementEnd('fieldset');
- $this->elementEnd('form');
+ return $out;
}
/**
diff --git a/actions/showfavorites.php b/actions/showfavorites.php
index 4d776ef04..7f3c77ee2 100644
--- a/actions/showfavorites.php
+++ b/actions/showfavorites.php
@@ -121,11 +121,11 @@ class ShowfavoritesAction extends OwnerDesignAction
// Show imported/gateway notices as well as local if
// the user is looking at his own favorites
- $this->notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE,
- NOTICES_PER_PAGE + 1, true);
+ $this->notice = $this->user->favoriteNotices(true, ($this->page-1)*NOTICES_PER_PAGE,
+ NOTICES_PER_PAGE + 1);
} else {
- $this->notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE,
- NOTICES_PER_PAGE + 1, false);
+ $this->notice = $this->user->favoriteNotices(false, ($this->page-1)*NOTICES_PER_PAGE,
+ NOTICES_PER_PAGE + 1);
}
if (empty($this->notice)) {
diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php
index 24aa619bd..51e8a8881 100644
--- a/actions/twitapisearchatom.php
+++ b/actions/twitapisearchatom.php
@@ -342,10 +342,24 @@ class TwitapisearchatomAction extends ApiAction
'rel' => 'related',
'href' => $profile->avatarUrl()));
- // TODO: Here is where we'd put in a link to an atom feed for threads
+ // @todo: Here is where we'd put in a link to an atom feed for threads
+
+ $source = null;
+
+ $ns = $notice->getSource();
+ if ($ns) {
+ if (!empty($ns->name) && !empty($ns->url)) {
+ $source = '<a href="'
+ . htmlspecialchars($ns->url)
+ . '" rel="nofollow">'
+ . htmlspecialchars($ns->name)
+ . '</a>';
+ } else {
+ $source = $ns->code;
+ }
+ }
- $this->element("twitter:source", null,
- htmlentities($this->sourceLink($notice->source)));
+ $this->element("twitter:source", null, $source);
$this->elementStart('author');